Ethicontrol at Compliance Leadership forum - old friends, new topics

The world of compliance is evolving rapidly — from formal rule-following to deep integration into a company’s culture, strategy, and technology. This shift was at the heart of the Compliance Leadership Forum 2025 discussions, a key event for professionals in ethics, oversight, and anti-corruption practices.

The forum included speakers from large businesses, the public sector, international initiatives, and consulting firms. They shared practical case studies, explored new challenges, and offered fresh perspectives on the future of compliance, not as a limitation, but as a driver of trust and business resilience.

Forum agenda

Globalization and compliance — how to align local programs with global standards

Speaker: Alexandra Levchenko - Deputy Head of Compliance DTEK Group BV (NETHERLANDS)

The opening session, led by Alexandra, focused on how to align local compliance programs with global standards. Her main point was clear: an effective program is not about looking perfect on paper — it is about truly working in practice, evolving alongside risks, and supporting a culture of integrity within the organization.

Key international frameworks to consider include ISO 37001 (anti-bribery systems), ISO 37301 (compliance management), DOJ guidelines from the U.S., and the EU ESG directives such as CSRD and CSDDD. At the core of a strong compliance program are elements like risk assessment, clear and accessible policies, independent reporting channels, ongoing employee training, whistleblower protection, and third-party due diligence. Even as regulations change, such as with the latest CSRD updates, expectations for transparency and accountability continue to grow.

Today, compliance is no longer just a legal requirement but a pillar of brand trust, business sustainability, and international reputation.

360° perspective: Is your Anti-Bribery compliance system truly effective?

Speaker: Artem Khavanov - Compliance Director of JSC "Ukrposhta"

Artem delivered a compelling presentation on one of the biggest traps in compliance—the illusion of safety. He says certificates, reports, and well-written policies do not guarantee an ethical workplace culture. While half of the companies believe their compliance systems are effective, one in five still faces regulatory sanctions. The core issue? Most assessments focus on form rather than substance.

Khavanov proposed a different approach — 360-degree evaluation, which considers the system from multiple perspectives: employees, management, compliance officers, departments, and external stakeholders. This method helps uncover blind spots often missed by traditional audits. The focus shifts to real behaviors, trust, informal norms, and how compliance influences decision-making and employee incentives.

Сompliance should transform corporate culture, not just serve as a paper shield against risk. Otherwise, it’s just another unused report in the drawer.

Compliance as an integral part of business: communication and building trust

Speaker:  Natalia Kolomiets - Head of Legal/Compliance Officer METRO Cash & Carry Ukraine Ltd.

Nataliia shared hands-on experience on how to make compliance not just a formality, but a living part of the business. At its best, compliance is ethics in action—something that manifests not only in policies, but in daily decisions, actions, and behavior across the company.

METRO’s focus is on accessibility, digitalization, and decentralization. Compliance must be understandable and relevant to every employee, regardless of role. Through gamification, chatbot tools, online training, and live “compliance marathons”, the team fosters trust and ensures clear, engaging communication.

Today, compliance is no longer “the department that checks things”—it is a true business partner, evolving alongside the company, responding to modern challenges, and reinforcing a culture of integrity at all levels.

The role of leadership in compliance: achieving strategic business outcomes through adaptive leadership

Speaker: Marianna Rozumna - Director of Legal and Regulatory Affairs INZHUR

Marianna spoke about a new kind of leadership in compliance—one that goes beyond formal administration to become a strategic interpreter of reality.

In 2025, compliance is no longer just about legal adherence. It has become a critical tool for protecting reputation, sustaining brand trust, and enabling business adaptability in times of geopolitical turbulence. Amid sanctions, regulatory pressure, and the growing role of AI, companies must act swiftly, flexibly, and ethically.

Marianna highlighted a striking gap between leadership intentions and employee perception: while 79% of executives believe they make decisions based on values, only 23% of employees feel that alignment.

That’s why the new role of a leader is to “translate reality”—to interpret risks, craft resilient strategies, and ensure consistency in the company’s values. Ethical risk now even affects contract terms, as seen in the rise of “Ethical Exit Clauses” and scenario planning approaches modeled after companies like Shell and Siemens.

Her core message: adaptive leadership is no longer optional—it’s a necessity. Today’s leaders must evolve their style — from directive to coaching — while creating a space of trust, anticipating risks, and ensuring resilience in a world where the rules can change overnight.

Focus topic: Lessons in leadership – “United by values”

Speakers: Prof. Dr. Ali Arnaout - Wismar University of Applied Sciences (Germany), Coordinator of the "EUComplianceM4UA" project, and Dr. Anna Fomenko - Wismar University of Applied Sciences (Germany), Project Manager "EUComplianceM4UA"

Anna and Ali delivered powerful messages on the transformation of compliance from a formal control tool into a foundation of corporate culture. Compliance, they argued, is not about “avoiding punishment,” but about living by values. True compliance leadership is not about enforcement—it’s about inspiration, support, and cultivating a system of ethics from within.

Fomenko emphasized that the success of a compliance program is measured not by its mere existence, but by its real influence on daily decisions. The focus is shifting from a rule-based mindset to value-based thinking—moving beyond checkboxes toward autonomy, transparency, respect, and continuous improvement. This is particularly relevant in Ukraine, where 75% of businesses are small and micro-enterprises that need flexible but deeply ethical solutions during recovery and investment.

When it comes to ethics education, simulations, storytelling, case studies, and real discussions around dilemmas are far more effective than dry guidelines. Businesses must become a partner in education through mentorship, practical case sharing, and investment in compliance labs. Only through collaboration, experience, and dialogue can we nurture the next generation of leaders who are united not just by strategic goals but by shared values.

How artificial intelligence and digital technologies are transforming compliance

Speaker: Tatyana Kyryk - Director of Compliance and Ethics of Kyivstar PJSC

Tetiana delivered her presentation online, addressing a topic that is becoming increasingly relevant for everyone working in ethics and compliance: how artificial intelligence and digital technologies are reshaping the compliance landscape. Her key message was clear—technology is not a threat, but an opportunity to rethink compliance as a dynamic, integrated function.

She emphasized that modern compliance must be digitally adaptive, from automated checks and monitoring to the use of algorithms for risk analysis and detection of suspicious behavior. Yet, along with new opportunities come new challenges: model opacity, potential bias, and the question of responsibility for AI-driven decisions. Kyryk stressed that the core responsibility of compliance remains ensuring that the human remains the final ethical decision-maker.

Technology does not replace compliance — it reshapes its focus. From bureaucracy to analytics, from reactive enforcement to proactive risk management. To stay effective, compliance teams must not only update their tools but also rethink the very logic of their work within a digital environment.

The conceptual role of AI in compliance

Speaker: Iryna Kravets - Managing Partner of "CleverAgri", Expert of the Committee on the Development of Artificial Intelligence at the Ministry of Digital Transformation of Ukraine

Iryna brought attention to a rapidly emerging responsibility in the compliance domain — artificial intelligence. She emphasized that while AI is a technology, it should not be treated simply as a tool, but as a living ecosystem that introduces new risks, challenges, and even reshapes corporate ethics.

Kravets outlined several key risks: the lack of algorithmic transparency, the danger of decisions made without human oversight, distorted outcomes due to “trained biases” in models, and the replacement of true expertise, when AI appears intelligent but bears no accountability. Compliance officers must increasingly answer not only “Is it legal?” but also “Is it ethical?”, “Is it fair?”, and “Who is responsible when the machine gets it wrong?”

AI requires governance, not just technical supervision. This means developing internal policies for AI use, clearly assigning responsibilities, training employees, and regularly reassessing risks. As Kravets aptly put it, “We should not just integrate AI—we must learn to live with it ethically.”

Which data analytics tools can help identify risks?

Speaker: Mykhailo Shomin - Independent member of the Supervisory Board of Ukrainian Capital Bank

Mykhailo focused on practical tools for effective risk management—specifically, the use of Key Risk Indicators (KRIs). His presentation clearly illustrated how compliance can be built on data, not just principles.

KRIs act as early warning signals, helping organizations detect risks before they escalate into real problems. For example, the number of internal policy breaches or regulatory fines is not just a statistic—it’s actionable intelligence that can inform strategic decisions.

Shomin emphasized that it’s not about collecting indicators for the sake of quantity, but about building a meaningful system of metrics that truly helps identify patterns and drives action.

Integrating KRIs into management reporting, automating data collection, and prioritizing quality over volume transform compliance from a reactive to a proactive function.

In the end, companies that anticipate risks, not just respond to them, gain not only better control but also a competitive advantage.

The role of compliance in business: a win-win strategy

Speaker: Iryna Temchenko - Director of the Compliance Control Department, Chief Compliance Manager (CCM) of SENSE BANK JSC

During her presentation, Iryna made one thing clear: compliance has long since evolved beyond control and reporting. Today, it is a strategic business tool that not only mitigates risk but also opens up new opportunities. In banking, where the cost of failure is high, compliance has become a foundation of trust, stability, and growth.

Iryna shared the core principles that underpin a strong compliance culture: functional independence, conflict of interest management, continuous monitoring, ethical integrity, and leadership involvement. A standout theme in her talk was reputational risk, which she illustrated with real-life examples showing how the spread of negative information can threaten the very stability of a financial institution.

Compliance should not only “catch violations,” but also build a transparent and resilient corporate culture.

Ultimately, compliance is a win-win strategy. It doesn’t slow down business—it protects and empowers it. A company that plays by the rules becomes a trusted partner, attractive to investors, and resilient in the face of external challenges.

Integrating compliance risk management into decision-making processes

Speaker: Vitaliy Redko - Head of Compliance Inspections of the Compliance Control Department of JSC "SENSE BANK"

Vitalii presented one of the most structured approaches to embedding compliance risks into management decision-making. His core message was simple but powerful: risk management should be an integral part of every decision, not a checkbox exercise or a separate compliance task.

Redko contrasted two models of risk management. The first is formal, reactive, and driven by external demands (from regulators or auditors). The second—what he calls “Risk Management 2” — is deeply embedded in a company’s DNA, where risk assessment begins before any business decision is made. He detailed a step-by-step model that includes risk analysis, discussion of alternatives, financial impact assessments, and even consideration of cognitive biases.

Risks should not block decision-making — they should enhance it. When companies integrate risk analysis into their daily operations, their decisions become more adaptive, well-grounded, and predictable to stakeholders. This is no longer just about “staying compliant” — it’s about working smart, resiliently, and strategically.

Implementing compliance controls and building an effective internal response system

Speaker: Tatyana Gromova - Director of the Compliance Department of JSC "Ukrzaliznytsia"

Tetiana shared a practical case study of how compliance was systematically implemented in one of Ukraine’s largest state-owned enterprises. Her main message: compliance is not a standalone function—it must be woven into the fabric of the business, from vendor vetting to executive decision-making.

Gromova outlined the key components of an effective compliance system—from policy development to daily monitoring, investigations, and employee training. At Ukrzaliznytsia, compliance covers anti-corruption risks, internal documentation review, handling complaints and whistleblowing, and even contributes to governance decisions. She gave special attention to procurement—an area with elevated risks where compliance works closely with the legal and security teams.

Compliance as prevention. It’s a tool that allows companies to detect reputational, antitrust, and sanctions-related risks before they escalate. This not only helps minimize losses but also strengthens operational resilience, partner trust, and the company’s internal ethical culture.

How to fight corruption and strengthen Anti-Bribery and Anti-Corruption (ABAC) programs in business

Speaker: Anastasia Afanasyeva - Head of Legal, Integrity and Compliance subdivision ACINO UKRAINE LLC (Acino Group | Switzerland)

Anastasiia presented a comprehensive approach to building an effective Anti-Bribery and Anti-Corruption (ABAC) program. Her main emphasis was not on addressing the consequences of corruption, but on creating a holistic system of prevention, education, and response that is fully integrated into business processes.

Key elements of a strong ABAC program include: a clear zero-tolerance policy, risk assessment, third-party due diligence, employee training, a secure whistleblowing mechanism (Speak-Up Line), internal controls, and continuous monitoring and improvement. She demonstrated transparently and practically how something often viewed as a “formality” can become a competitive advantage,  especially in regulated industries such as pharmaceuticals.

Afanasiieva placed particular importance on leadership accountability: a strong “tone from the top” builds a culture of integrity far more effectively than any set of rules. Ultimately, ABAC is not just a stack of policies—it is a living tool that works through people, processes, and trust. And in a complex environment where corruption risks are a daily reality, that tool is essential for confident, ethical, and sustainable operations.

How to build a personal data management strategy and implement data protection compliance

Speaker: Stanislav Kovalenko - Head of Privacy Nova Global & SuperNova Airlines, Board Member and Chair of the IAA Data Privacy Committee

Stanislav delivered a powerful and highly structured presentation on implementing privacy and data protection compliance — an area that is becoming critically important for modern businesses. His core message: protecting personal data is not just about legal compliance—it’s about trust, risk, and reputation.

He shared a step-by-step roadmap for building an effective data protection program: from data mapping, risk assessment, and identifying applicable regulations, to creating internal policies, training employees, establishing incident response procedures, and managing third-party compliance. A special focus was placed on the concept of privacy by design—embedding data protection into products and processes from the outset.

Data protection is not a “paper exercise” but a vital, ongoing process that must be integrated into every business function. In a world where cybersecurity threats and regulatory demands are growing by the day, a proactive privacy strategy is a source of resilience, competitive edge, and customer trust.

Say no to data leaks: why cyber compliance matters and who needs it

Speaker: Eduard Karaush - Head of Data Privacy Raiffeisen Bank Ukraine, (CIPP/E,CIPM), has many years of experience in implementing GDPR compliance

Eduard offered a practical and timely perspective on why compliance cannot exist without cybersecurity —and vice versa. His presentation focused on the growing intersection between legal obligations, technical safeguards, and the human factor in preventing data breaches.

He outlined three core pillars of cybersecurity within a compliance context: internal culture and training, vendor due diligence, and implementation of standards (ISO, NIST, GDPR). One striking statistic he shared: up to 95% of incidents are caused by human error. That’s why compliance must go beyond writing policies—it must educate, engage, and shape ethical behavior across the organization.

Compliance serves as a bridge between technical teams, IT departments, and executive leadership. It translates complex requirements into practical action, ensures communication with regulators, and shapes a company’s reputation as a trustworthy partner. In today’s world of digital threats, this is no longer a nice-to-have—it’s a strategic imperative.

Ethicontrol at the Forum

The Ethicontrol team took part in the forum to stay in sync with the latest standards and trends, particularly around internal investigations, whistleblower protection, cybersecurity, and risk analytics. We especially value the opportunity to exchange best practices with those who are shaping the future of compliance in Ukraine.

As is our tradition, we brought along some of our signature merch — a small but thoughtful way to leave a reminder of ourselves and the occasion. If you happen to see us at an event, be sure to stop by our booth, say hello, and grab something fun on the theme of ethics and compliance.

General impression

Compliance Leadership Forum 2025 demonstrated that compliance is becoming a driver of change, not just a tool for restraint. It’s about trust, resilience, and foresight in a world where the rules shift every day. The forum brought together not just specialists, but cultural agents—those transforming business from the inside out.

We were especially glad to see speakers from Europe. International expertise at events like this gives us a chance to see compliance from a new perspective, gain valuable insights, and exchange viewpoints across borders.

Share article: